1. Field of the Invention
The invention relates to key distribution. More particularly, the invention relates to improved systems and methods for distributing key data from a key generation facility to products within a product personalization facility.
2. Description of the Related Art
Systems and methods for transferring or delivering digital information to various end user devices and/or products often involve some sort of digital rights management (DRM) format or scheme that usually includes encrypting the content to be transferred and providing one or more decryption keys to authorized users or user devices for decrypting the encrypted content. One type of encryption scheme is public key encryption, which involves a public key and a corresponding private key. The public key may be widely published or distributed across a communications network, while the corresponding private key is held by the authorized end user device or product. In public key encryption, information encrypted with a public key can be decrypted only with the corresponding private key.
In systems that use public key encryption, one concern is determining whether a public key is authentic, i.e., verifying that a received public key has not been copied, replaced or otherwise compromised. One manner to address this concern is through the use of a public key infrastructure (PKI), which generally is a collection of servers and software that enables an organization, company, or enterprise to distribute and manage the distribution of public and private keys from a key generation facility to products generated at a product personalization facility in a manner that allows users to reliably determine the identity of the owner of each public/private key pair. The PKI often uses a third party certificate authority (CA) to bind public keys with respective end users or end user products using public key certificates. In this manner, the certificate authority can reliably identify the owner of each public/private key pair.
During the manufacture of products or devices that will use public key encryption and/or digital signatures, various PKI information or data, such as one or more private keys, often must be loaded onto the products before the products leave the product personalization facility. Much of such PKI information is generated at a key generation facility, which typically is a third party facility not associated with the product personalization facility. For example, the key generation facility also can be the certificate authority.
Typically, it is assumed that the product personalization facility is a secure environment, and the distribution of PKI data to products within the product personalization facility will not be compromised. However, if the product personalization facility is not a secure or trusted environment, PKI data distributed to the product personalization facility for loading onto products can be compromised in a manner that will allow later unauthorized access to products manufactured at the product personalization facility. It may also be possible to steal the private keys in the personalization facility and then later install them into unauthorized devices from a different manufacturer, into personal computers, or into unauthorized systems not intended to hold those private keys. If the private keys are stolen, the same private key and digital certificate can be loaded into many unauthorized devices, thus creating clones that all pretend to have the same identity and can all make use of pay services under a single subscription.
Accordingly, there is a need for a secure system and method for distributing PKI data and other encryption/decryption information from a facility that generates the PKI data to the product personalization facility and the products manufactured therein.